Re: [Xen-devel] [PATCH] Xen: Use the ioreq-server API when available
> -----Original Message-----
> From: Stefano Stabellini [mailto:stefano.stabellini@xxxxxxxxxxxxx]
> Sent: 10 October 2014 15:40
> To: Paul Durrant
> Cc: qemu-devel@xxxxxxxxxx; xen-devel@xxxxxxxxxxxxxxxxxxxx; Michael S.
> Tsirkin; Stefano Stabellini; Peter Maydell; Paolo Bonzini; Michael Tokarev;
> Stefan Hajnoczi; Stefan Weil; Andreas Faerber"; Thomas Huth; Peter
> Crosthwaite; Eduardo Habkost; Gerd Hoffmann; Alexey Kardashevskiy;
> Alexander Graf
> Subject: Re: [PATCH] Xen: Use the ioreq-server API when available
>
> On Fri, 10 Oct 2014, Paul Durrant wrote:
> > The ioreq-server API added to Xen 4.5 offers better security than
> > the existing Xen/QEMU interface because the shared pages that are
> > used to pass emulation request/results back and forth are removed
> > from the guest's memory space before any requests are serviced.
> > This prevents the guest from mapping these pages (they are in a
> > well known location) and attempting to attack QEMU by synthesizing
> > its own request structures. Hence, this patch modifies configure
> > to detect whether the API is available, and adds the necessary
> > code to use the API if it is.
> >
> > The ioreq-server API does require that PCI device models explicitly
> > register with Xen for config space accesses, so to use the API the
> > code in xen-hvm.c needs to be informed as PCI devices are added or
> > removed from PCI buses. This patch therefore also adds a PCI bus
> > listener interface akin to the memory listener interface to fulfil
> > this need.
> >
> > Signed-off-by: Paul Durrant <paul.durrant@xxxxxxxxxx>
> > Cc: Michael S. Tsirkin <mst@xxxxxxxxxx>
> > Cc: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
> > Cc: Peter Maydell <peter.maydell@xxxxxxxxxx>
> > Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> > Cc: Michael Tokarev <mjt@xxxxxxxxxx>
> > Cc: Stefan Hajnoczi <stefanha@xxxxxxxxxx>
> > Cc: Stefan Weil <sw@xxxxxxxxxxx>
> > Cc: Andreas Faerber" <afaerber@xxxxxxx>
> > Cc: Thomas Huth <thuth@xxxxxxxxxxxxxxxxxx>
> > Cc: Peter Crosthwaite <peter.crosthwaite@xxxxxxxxxx>
> > Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx>
> > Cc: Gerd Hoffmann <kraxel@xxxxxxxxxx>
> > Cc: Alexey Kardashevskiy <aik@xxxxxxxxx>
> > Cc: Alexander Graf <agraf@xxxxxxx>
> > ---
> > configure | 29 ++++++
> > hw/pci/pci.c | 65 ++++++++++++
> > include/hw/pci/pci.h | 9 ++
> > include/qemu/typedefs.h | 1 +
> > trace-events | 8 ++
> > xen-hvm.c | 251
> +++++++++++++++++++++++++++++++++++++++++++----
> > 6 files changed, 345 insertions(+), 18 deletions(-)
>
> Please split this patch into two: one to introduce the PCI listener
> stuff and another for the Xen specific changes.
>

Originally it was, but I was uneasy about introducing an interface with no consumers. Is that generally acceptable?

[snip]

> > diff --git a/xen-hvm.c b/xen-hvm.c > > index 05e522c..031edd9 100644 > > --- a/xen-hvm.c > > +++ b/xen-hvm.c > > @@ -78,6 +78,7 @@ typedef struct XenPhysmap { > > } XenPhysmap; > > > > typedef struct XenIOState { > > + ioservid_t ioservid; > > shared_iopage_t *shared_page; > > buffered_iopage_t *buffered_io_page; > > QEMUTimer *buffered_io_timer; > > @@ -92,6 +93,8 @@ typedef struct XenIOState { > > > > struct xs_handle *xenstore; > > MemoryListener memory_listener; > > + MemoryListener io_listener; > > + PCIListener pci_listener; > > QLIST_HEAD(, XenPhysmap) physmap; > > hwaddr free_phys_offset; > > const XenPhysmap *log_for_dirtybit; 
> > @@ -480,6 +483,20 @@ static void xen_region_add(MemoryListener > *listener, > > MemoryRegionSection *section) > > { > > memory_region_ref(section->mr); > > + > > +#if CONFIG_XEN_CTRL_INTERFACE_VERSION >= 450
>
> Please use include/hw/xen/xen_common.h for compat stuff. In this case
> you could provide an empty implementation of
> xc_hvm_map_io_range_to_ioreq_server. Try to remove ifdefs from
> xen-hvm.c.
>

Ok, I can do it that way; I was only following suit with the already #ifdefed code in xen-hvm.c.

  Paul
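
Review bot: in the first xen-hvm.c hunk (`@@ -78,6 +78,7 @@`), `ioservid_t ioservid;` is added to `XenIOState` with no version guard, although the commit message says the ioreq-server API only exists from Xen 4.5 and the `xen_region_add` hunk wraps its use in `#if CONFIG_XEN_CTRL_INTERFACE_VERSION >= 450`. If `ioservid_t` is only defined by the 4.5 headers, a build against an older Xen stops at this field. A compat typedef in include/hw/xen/xen_common.h would let the struct stay unconditional, which also fits the request to keep ifdefs out of xen-hvm.c.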
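
Review bot: in the second xen-hvm.c hunk (`@@ -92,6 +93,8 @@`), `io_listener` is declared directly under `memory_listener` with the same `MemoryListener` type and no comment saying which address space each one follows. A one-line comment on each field would prevent them being mixed up later. `pci_listener` deserves one as well, since the commit message makes it the path by which PCI device models register with Xen for config space accesses, and a reader of the struct cannot tell that from the name alone.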
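
Review bot: in the `xen_region_add` hunk (`@@ -480,6 +483,20 @@`), the `#if CONFIG_XEN_CTRL_INTERFACE_VERSION >= 450` guard makes the choice of interface a build-time decision, so a QEMU built against pre-4.5 headers keeps using the guest-mappable shared pages that the commit message describes, with nothing to show it at run time. Consider reporting at start-up which interface is in use, so that an operator can confirm the ioreq-server path is active on a Xen 4.5 host.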